Security: Silent Exception Swallowing in Server Request Handler Factory (#12332)

Signed-off-by: Trần Bách <45133811+barttran2k@users.noreply.github.com>
Co-authored-by: Sam Bull <git@sambull.org>

Author: barttran2k

aiohttp/web_server.py

@@ -123,4 +123,11 @@ def __call__(self) -> RequestHandler[_Request]:
                 for k, v in self._kwargs.items()
                 if k in ["debug", "access_log_class"]
             }
-            return RequestHandler(self, loop=self._loop, **kwargs)
+            handler = RequestHandler(self, loop=self._loop, **kwargs)
+            handler.logger.warning(
+                "Failed to create request handler with custom kwargs %r, "
+                "falling back to filtered kwargs. This may indicate a "
+                "misconfiguration.",
+                self._kwargs,
+            )
+            return handler